Or in the negotiated authentication.
Is there anything in the kerberos logs on the server side?
Can you do an ldap connection using GSSAPI from the client?
May be KDC is not accessible because FW does allow access to the KDC port?
Just some ideas what to check...
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users